Sufficient Encryption

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Are files protected by the encryption of XP Pro and Tiger Firevault
sufficient so that laptops using either are fully protected if lost or

Re: Sufficient Encryption wrote:
Quoted text here. Click to load it

Depends. If user passphrase is over 16 marks long and random AND it nor
its hash are not stored anywhere in the hdd. Unfortunally they usually
are stored in LM and NTLM hashes that can be cracked open. Also, using
EFS is tricky, you have to set whole directories to be encrypted and be
carefull so that plaintext versions of files dont exist anywhere else on
the hdd.

Quoted text here. Click to load it

Never heard of it.
Just use Truecrypt with 24+ marks long passphrases and keyfile and you
are fine.

BTW. remember to wipe plaintext versions with Eraser when encrypting.

"Kansan enemmistön hyväksyntää ei tarvita minarkian perustamiseksi eikä
minarkian ylläpitämiseksi. Minarkiassa valtion tarkoitus ei ole toimia
kumileimasimena kansan enemmistön päähänpistoille, vaan turvata
yksilönvapaus. Siinä ero nykydemokratiaan nähden."
  - Markus Jansson

Re: Sufficient Encryption wrote:
Quoted text here. Click to load it


depends on the attack you want to be secure from.

I'm very sceptical of EFS. Also FileVault had it's flaws (like
unencrypted swap), while the actual implementation seems to work now.
For Windoze, I'm using truecrypt.

I feel much more secure with dm-crypt under Linux, to be honest,
booting from a signed CD, authenticating with a key on an USB stick.

Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

    Ralph Angenendt in

Re: Sufficient Encryption

Volker Birk wrote:
Quoted text here. Click to load it

The implementation seems to be fine, but it has problematic semantics.
F.e. it's impossible to transfer EFS-encrypted files when your program
doesn't support NTFS ADS metadata. A simple damage to the EFS metadata
makes the entire file unreadable. A single defective block inside the
file makes an entire 64 KB unreadable. And there're some problems with
locking mechanisms.

Site Timeline